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AMENDMENTS TO THE CLAIMS: 

This listing of claims will replace all prior versions and listings of claims in the 
application: 

1-20 (Canceled). 

21 . (Currently amended) A method for providing access to an online service, the 
method comprising: 

receiving, at a first electronic appliance, a first digital certificate from a second 
electronic appliance associated with a user, the first digital certificate attesting to at least 
one attribute of the user; 

determining, by the first electronic appliance, based at least in part on the first 
digital certificate, whether the user is authorized to access the online service , the online 
service comprising a subscription : 

issuing, by the first electronic appliance, based on the determination of whether 
the user is authorized to access the online service, a second digital certificate to the 
user, the second digital certificate attesting to the user's permission to access the online 
service; 

sending, from the first electronic appliance to the second appliance, the second 
digital certificate; and 

collecting, by the first electronic appliance, audit record information relating to the 
user's use of the online service. 

22. (Previously presented) A method as in claim 21 , further comprising: 
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receiving, at the second electronic appliance, a request from the user to access 
the online service; 

checking, by the second electronic appliance, the second digital certificate to 
determine whether the user has permission to access the online service; and 

allowing, by the second electronic appliance, the user to access the online 
service based on the determination of whether the user has permission to access the 
online service. 

23. (Previously presented) A method as in claim 22, in which said checking step is 
performed in a protected processing environment at the second electronic appliance. 

24. (Previously presented) A method as in claim 21 , further comprising: 
sending, from the first electronic appliance to the second electronic appliance, 

software for using the online service to the second electronic appliance; and 

sending, from the first electronic appliance to the second electronic appliance, a 
digital signature for determining the integrity of the software to the user. 

25. (Previously presented) A method as in claim 24, in which the digital signature is 
bound, at least in part, to the identity of the online service. 

26. (Previously presented) A method as in claim 21 , further comprising: 

sending, from the first electronic appliance to the second electronic appliance, a 
third digital certificate, the third digital certificate attesting to the identity of the online 
service, the third digital certificate being issued by a certifying authority. 
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27. (Previously presented) A method as in claim 26, in which the first digital 
certificate is issued by the certifying authority. 

28. (Previously presented) A method as in claim 21 , in which the first digital 
certificate includes an indication of the user's age. 

29. (Previously presented) A method as in claim 21 , in which the first digital 
certificate identifies a party responsible for paying for the user's access to online 
services. 

30. (Previously presented) A method as in claim 29, further comprising: 
sending, by the first electronic appliance, a request for payment to the party 

responsible for paying for the user's access to online services; and 

receiving, at the first electronic appliance, an indication that payment has been 
received. 

31 . (Previously presented) A method as in claim 30, in which the steps of (a) sending 
a request for payment and (b) receiving an indication that payment has been received 
are performed prior to performing the step of sending the second digital certificate to the 
user. 
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32. (Previously presented) A method as in claim 21 , in which the second digital 
certificate attests to the user's permission to access the online service until a specified 
date. 

33. (Previously presented) A method as in claim 21 , in which the at least one 
attribute comprises an indication of the amount of purchases the user is allowed to 
make in a given time period. 

34. (Previously presented) A method as in claim 21 , in which the online service 
comprises an interactive online game. 

35. (Previously presented) A method as in claim 34, further comprising: 
sending, from the first electronic appliance to the second electronic appliance 

software for playing the online game to the user in a secure container. 

36. (Canceled) 

37. (Currently Amended) A method as in claim [[36]] 21_, in which the second digital 
certificate includes an expiration date of the subscription. 

38. (Previously presented) A method as in claim 21 , further comprising: 
collecting, by the first electronic appliance, payment information from the user. 

39. (Previously presented) A method as in claim 38, further comprising: 

-5- 



Application No. 10/727,324 
Attorney Docket No.: 07451 .0005-04000 
IT-7.2.1 (US) 

sending, by the first electronic appliance, the payment information to a financial 
clearinghouse. 

40. (Canceled) 

41 . (Previously presented) A method as in claim 21 , further comprising: 

sending, by the first electronic appliance, the audit record information to a usage 
clearinghouse. 

42. (Withdrawn) A method for accessing an online service, the method comprising: 
sending a first request to access an online service from a user's site to an online 

service provider's website, the first request including a first digital certificate attesting to 
at least one attribute of the user; 

receiving a request for payment information; 

sending the payment information to the online service provider's website, or a 
website associated therewith; and 

receiving a second digital certificate, the second digital certificate indicating that 
the user is authorized to access the online service; 
accessing the online service. 

43. (Withdrawn) A method as in claim 42, further comprising: 
sending a second request to access the online service; 

checking the second digital certificate to determine whether the user has 
permission to access the online service; and 
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allowing the user to access the online service if it is determined that the user has 
permission to access the online service. 

44. (Withdrawn) A method as in claim 43, in which said checking step is performed in 
a protected processing environment at the user's computer system. 

45. (Withdrawn) A method as in claim 42, further comprising: 
receiving software for using the online service; 

receiving a digital signature for determining the integrity of the software. 

46. (Withdrawn) A method as in claim 45, in which the digital signature is bound, at 
least in part, to the identity of the online service. 

47. (Withdrawn) A method as in claim 42, further comprising: 

receiving a third digital certificate, the third digital certificate attesting to the 
identify of the online service, the third digital certificate being issued by a certifying 
authority. 

48. (Withdrawn) A method as in claim 47, in which the first digital certificate is issued 
by the certifying authority. 

49. (Withdrawn) A method as in claim 42, in which the first digital certificate includes 
an indication of the user's age. 
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50. (Withdrawn) A method as in claim 42, in which the first digital certificate identifies 
a party responsible for paying for the user's access to online services. 

51 . (Withdrawn) A method as in claim 42, in which the second digital certificate 
attests to the user's permission to access the online service until a specified date. 

52. (Withdrawn) A method as in claim 42, in which the at least one attribute 
comprises an indication of the amount of purchases the user is allowed to make in a 
given time period. 

53. (Withdrawn) A method as in claim 42, in which the online service comprises an 
interactive online game. 

54. (Withdrawn) A method as in claim 53, further comprising: 

receiving a secure container from the online service provider's website, the 
secure container containing software for playing the online game. 

55. (Withdrawn) A method as in claim 42, in which the online service comprises a 
subscription. 

56. (Withdrawn) A method as in claim 55, in which the second digital certificate 
includes an expiration date of the subscription. 

57. (Withdrawn) A method as in claim 42, further comprising: 
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sending information relating to the user's use of the online service to a remote 

site. 

58. (Withdrawn) A method as in claim 57, in which the remote site comprises a 
usage clearinghouse. 

59. (Withdrawn) A method as in claim 57, in which the remote site comprises the 
online service provider's website. 

60. (Canceled) 

61. (Canceled) 

62. (Withdrawn) A computer program product stored on a computer-readable 
medium, the computer program product including instructions that, when executed by a 
computer system, cause the computer system to perform acts comprising: 

sending a first request to access an online service to an online service provider's 
website, the first request including a first digital certificate attesting to at least one 
attribute of a user; 

receiving a request for payment information; 
sending the payment information to the online service provider's website, or a website 
associated therewith; 

receiving a second digital certificate, the second digital certificate indicating that 
the user is authorized to access the online service; and 
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accessing the online service. 

63. (Withdrawn) A computer program product as in claim 62, the computer program 
product further including instructions that, when executed by a computer system, cause 
the computer system to perform acts comprising: 

sending a second request to access the online service; 

checking the second digital certificate to determine whether the user has 
permission to access the online service; and 

allowing the user to access the online service if it is determined that the user has 
permission to access the online service. 
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